Skip to content

confluent-common-docker/7.6.9-r0: cve remediation #77381

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
octo-sts wants to merge 1 commit into from
Closed

confluent-common-docker/7.6.9-r0: cve remediation #77381

octo-sts wants to merge 1 commit into from

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Jan 7, 2026

confluent-common-docker/7.6.9-r0: fix GHSA-3677-xxcr-wjqv

Advisory data: https://github.com/wolfi-dev/advisories/blob/main/confluent-common-docker.advisories.yaml

"Breadcrumbs" for this automated service

Inspected git repositories: https://github.com/confluentinc/[email protected]

@octo-sts octo-sts bot added automated pr request-cve-remediation maven/pombump GHSA-3677-xxcr-wjqv p:confluent-common-docker P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. manual/review-needed staging-approver-bot/manual-review-needed approver-bot/manual-review-needed cve-pr-closer/v2-adv-disagreement labels Jan 7, 2026
@octo-sts
Copy link
Contributor Author

octo-sts bot commented Jan 7, 2026

This vulnerability remediation is stale and no longer needed. 👋

Advisory CGA-j26w-9r84-m769 has the latest event type of "fixed"

View with: cg advisory show CGA-j26w-9r84-m769
Or view on GitHub: https://github.com/wolfi-dev/advisories/blob/main/confluent-common-docker.advisories.yaml

ID:      CGA-j26w-9r84-m769
Package: confluent-common-docker
Aliases: CVE-2024-29371 GHSA-3677-xxcr-wjqv
Events:
  - "scan/v1" at 2025-12-19 11:18:59 UTC
  - "fixed" at 2025-12-31 22:22:11 UTC

🔀 v2 advisory logic would not have closed this PR: Found 2 advisories, but 2 of them are not resolved (CGA-6qgf-xxwf-m243, CGA-m44x-cqj9-frqw).

@octo-sts octo-sts bot closed this Jan 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approver-bot/manual-review-needed automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. cve-pr-closer/v2-adv-disagreement GHSA-3677-xxcr-wjqv manual/review-needed maven/pombump p:confluent-common-docker P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-cve-remediation service:cve-pr-closer staging-approver-bot/manual-review-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant